package pkg.customer;
import javax.servlet.http.*;
import org.apache.struts.action.*;
import retail.bo.CustomerBo;

public class ForgotPassword_CustomerAction extends Action {
	private CustomerBo customerBo;
	
	public CustomerBo getCustomerBo() {
		return customerBo;
	}

	public void setCustomerBo(CustomerBo customerBo) {
		this.customerBo = customerBo;
	}
	@Override
	public ActionForward execute(ActionMapping mapping, ActionForm form,
			HttpServletRequest request, HttpServletResponse response)
			throws Exception {
		//session, dynaform objects, request parameters from jsp page
		HttpSession session = request.getSession();
		DynaActionForm myform = (DynaActionForm) form;
		
		String fname=(String)myform.get("fname");
     	String lname=(String)myform.get("lname");
     	String answer=(String)myform.get("answer");
     	String password=(String)myform.get("password");
     	String userid=(String)session.getAttribute("userid");
     	boolean correct=customerBo.checkSecurityAnswer(userid, answer, fname, lname, password);
     	if(correct==true){
 	     	session.setAttribute("msg","Details correct, password updated");
 			return mapping.findForward("ForgotPassword_Customer");
     	}
     	else
     	{
 	     	session.setAttribute("msg","Details incorrect: ("+userid+","+answer+","+fname+","+lname+")");
 			return mapping.findForward("ForgotPassword_Customer");
     	}

	}
}     	
     	//retrieve correct security question based on username
     	
//    <c:if test='${param.submit.equals("submit") and answer.equals(param.qa) and (not empty param.password)}'>
//    <div>
//        <p>password reset</p>
//        <sql:update dataSource="jdbc/myoracle">update users set user_pass='${param.password}' where user_name='${uname}'</sql:update>
//    </div>
//    </c:if>
//    
//    <c:if test='${(empty param.password) and (not empty param.submit)}'>
//    <div>
//    	please enter a proper password
//    </div>
//    </c:if>
//     
//    <c:if test="${((not empty (param.submit)) and ((not (answer==param.qa)) or (empty answer)))}">
//    <div>
//        <p>invalid answer to security question</p>
//    </div>
//    </c:if>
